Add identity manifest to the operator

- Change the scope of identity CRs as namespaced - Add identity CRs to objects - Create templates for identity service and endpoints Change-Id: Ibefa07d4431089d3bcce20b81d5d48194ad0e56d
2020-08-04 21:15:15 +03:00 · 2020-08-04 21:15:15 +03:00 · c2ca1c746d
commit c2ca1c746d
parent 57f628003f
4 changed files with 112 additions and 0 deletions
--- a/openstack_operator/identity.py
+++ b/openstack_operator/identity.py
@ -0,0 +1,46 @@
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""identity Operator
+
+This module contains a few common functions for identity management
+"""
+
+import kopf
+
+from openstack_operator import utils
+
+
+def ensure_service(name, service, desc, url=None):
+    """Create or update service and endpoints
+    """
+
+    try:
+        # Create or resume service
+        utils.create_or_update('identity/service.yml.j2', name=name,
+                               type=service, description=desc)
+
+        # Create or resume endpoints
+        internal_url = "http://" + name + ".openstack.svc.cluster.local"
+        public_url = internal_url
+        if url is not None:
+            public_url = "http://" + url
+        utils.create_or_update('identity/endpoint.yml.j2',
+                               service=service, interface='internal',
+                               url=internal_url)
+        utils.create_or_update('identity/endpoint.yml.j2',
+                               service=service, interface='public',
+                               url=public_url)
+    except Exception as ex:
+        raise kopf.TemporaryError(str(ex), delay=5)
--- a/openstack_operator/objects.py
+++ b/openstack_operator/objects.py
@ -22,6 +22,7 @@ It also inclues a ``dict`` with mappings which allows doing reverse-lookups
 from combinations of apiVersion and kind to the exact model.
 """

+from pykube.objects import APIObject
 from pykube.objects import ConfigMap
 from pykube.objects import CronJob
 from pykube.objects import DaemonSet
@ -36,6 +37,22 @@ from pykube.objects import Service
 from pykube.objects import StatefulSet


+class IdentityService(APIObject):
+    """Service Kubernetes object"""
+
+    version = "identity.openstack.org/v1alpha1"
+    endpoint = "services"
+    kind = "Service"
+
+
+class IdentityEndpoint(APIObject):
+    """Endpoint Kubernetes object"""
+
+    version = "identity.openstack.org/v1alpha1"
+    endpoint = "endpoints"
+    kind = "Endpoint"
+
+
 class Mcrouter(NamespacedAPIObject):
    """Mcrouter Kubernetes object"""

@ -106,6 +123,10 @@ MAPPING = {
    "extensions/v1beta1": {
        "Ingress": Ingress
    },
+    "identity.openstack.org/v1alpha1": {
+        "Service": IdentityService,
+        "Endpoint": IdentityEndpoint
+    },
    "infrastructure.vexxhost.cloud/v1alpha1": {
        "Mcrouter": Mcrouter,
        "Memcached": Memcached,
--- a/openstack_operator/templates/identity/endpoint.yml.j2
+++ b/openstack_operator/templates/identity/endpoint.yml.j2
@ -0,0 +1,23 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: identity.openstack.org/v1alpha1
+kind: Endpoint
+metadata:
+  name: {{ service }}-{{ interface }}
+spec:
+  service: {{ service }}
+  interface: {{ interface }}
+  url: {{ url }}
--- a/openstack_operator/templates/identity/service.yml.j2
+++ b/openstack_operator/templates/identity/service.yml.j2
@ -0,0 +1,22 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: identity.openstack.org/v1alpha1
+kind: Service
+metadata:
+  name: {{ name }}
+spec:
+  type: {{ type }}
+  description: {{ description }}